Skip to content

Instantly share code, notes, and snippets.

@icheko
Created September 14, 2022 04:17
Show Gist options
  • Save icheko/a638f992a8c8e521cb6582f103cc6d28 to your computer and use it in GitHub Desktop.
Save icheko/a638f992a8c8e521cb6582f103cc6d28 to your computer and use it in GitHub Desktop.
apiVersion: security.openshift.io/v1
metadata:
name: nonrootbuilder
allowHostDirVolumePlugin: false
allowHostIPC: false
allowHostNetwork: false
allowHostPID: false
allowHostPorts: false
allowPrivilegeEscalation: true
allowPrivilegedContainer: false
allowedCapabilities: null
defaultAddCapabilities: null
groups: []
kind: SecurityContextConstraints
priority: 5
readOnlyRootFilesystem: false
requiredDropCapabilities:
- KILL
- MKNOD
fsGroup:
type: RunAsAny
runAsUser:
type: MustRunAs
uid: 1001
seLinuxContext:
type: MustRunAs
supplementalGroups:
type: RunAsAny
users: []
volumes:
- configMap
- downwardAPI
- emptyDir
- persistentVolumeClaim
- projected
- secret
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment